$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/3044/QQ4ztE3DX0FSCt7OQoSGoZ7BXb8.roa File: QQ4ztE3DX0FSCt7OQoSGoZ7BXb8.roa (raw, json) Hash identifier: uN5rvQj7kOFrib6cf2SL8yjslUmuLTp0PZwHaYzW1f0= Subject key identifier: 41:0E:33:B4:4D:C3:5F:41:52:0A:DE:CE:42:84:86:A1:9E:C1:5D:BF Certificate issuer: /CN=B08B918D2D45B6371ACB9770743553D1BF224708 Certificate serial: 1CB1 Authority key identifier: B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/QQ4ztE3DX0FSCt7OQoSGoZ7BXb8.roa Signing time: Thu 02 Jan 2025 13:58:20 +0000 ROA not before: Thu 02 Jan 2025 13:58:20 +0000 ROA not after: Sat 27 Sep 2025 02:40:14 +0000 asID: 137718 IP address blocks: 103.159.142.0/23 maxlen: 24 Validation: OK Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.mft rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 06 Apr 2025 06:09:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7345 (0x1cb1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=B08B918D2D45B6371ACB9770743553D1BF224708 Validity Not Before: Jan 2 13:58:20 2025 GMT Not After : Sep 27 02:40:14 2025 GMT Subject: CN=410E33B44DC35F41520ADECE428486A19EC15DBF Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:d4:ea:f8:84:d3:f4:77:49:15:fe:3a:44:be: 0d:d5:2e:a0:40:30:9e:b1:eb:a8:77:0e:ea:7e:f6: bc:09:f3:45:c0:f4:89:2c:6c:bf:75:44:4d:5d:a6: 83:f4:24:33:12:5d:d3:bb:ae:73:d9:93:dd:76:8f: e4:e5:cc:c6:1a:a5:a8:09:2a:d8:e0:c6:77:a7:46: 30:bb:60:81:c1:6c:56:25:8b:6a:17:3a:af:bd:1f: dc:e6:36:cc:71:e7:57:da:27:1e:34:e4:9c:56:33: 65:73:1c:4c:79:2b:4c:88:ae:d5:70:54:f7:ae:d4: 57:6d:62:7a:12:53:9e:e7:6f:3f:ab:a3:18:47:e8: 2b:ed:85:18:95:35:55:79:aa:1e:95:3a:8f:c0:00: 1f:65:4a:bc:6b:e3:91:cb:be:31:ff:80:eb:5f:e9: c9:e4:1a:f6:98:97:fe:e4:b1:e4:46:02:24:47:f1: f9:41:a4:59:2c:3e:69:11:11:fe:f5:d4:4f:21:e5: 8b:55:1d:da:fa:d1:40:d9:53:f9:ee:ed:af:8a:c6: 6d:b1:9d:d9:46:ed:05:f6:0f:e0:f2:a8:f3:fc:fb: d6:c5:81:33:fb:bf:b2:77:3c:40:a7:69:9b:9f:b4: 19:9e:30:c5:8f:67:2b:b8:fa:e4:77:2f:37:10:35: 2f:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:0E:33:B4:4D:C3:5F:41:52:0A:DE:CE:42:84:86:A1:9E:C1:5D:BF X509v3 Authority Key Identifier: keyid:B0:8B:91:8D:2D:45:B6:37:1A:CB:97:70:74:35:53:D1:BF:22:47:08 X509v3 Certificate Policies: critical Policy: ipAddr-asNumber X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/sIuRjS1Ftjcay5dwdDVT0b8iRwg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/sIuRjS1Ftjcay5dwdDVT0b8iRwg.cer X509v3 Key Usage: critical Digital Signature Subject Information Access: Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/3044/QQ4ztE3DX0FSCt7OQoSGoZ7BXb8.roa RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml sbgp-ipAddrBlock: critical IPv4: 103.159.142.0/23 Signature Algorithm: sha256WithRSAEncryption 7f:db:46:c8:84:85:13:67:ca:b2:64:74:f0:82:e3:f9:2a:3c: 7d:44:38:24:4b:67:54:a0:b4:0e:e4:37:0d:15:0d:6d:78:d2: e5:02:06:8c:1d:97:06:76:7a:70:3d:24:ea:2d:28:04:bf:e4: a2:02:f7:48:e7:6c:15:3b:15:ce:79:5c:ff:e9:ae:66:4c:57: 2f:f7:5a:9d:ba:03:73:8b:ba:91:c2:61:79:c6:0f:d8:1d:ba: a7:68:17:92:4b:fe:58:90:d1:5d:33:bb:87:9e:fb:13:a0:fb: 63:6c:a6:bd:d4:db:77:34:72:93:fd:c0:7a:16:3b:08:3e:ae: 33:aa:94:5a:e5:a9:96:f4:df:50:76:df:d0:24:a2:a5:8c:41: d8:46:3e:a3:b5:2d:39:ff:43:ee:48:14:51:c4:4d:77:d1:b4: f9:ac:de:e6:71:cb:e6:1a:8f:cd:62:e6:82:91:19:cf:6b:ad: ff:27:37:f5:78:87:05:2a:6e:0d:5d:38:41:3a:e0:80:08:07: 05:80:52:66:d6:43:77:5f:b0:82:d8:4c:f3:21:01:a7:54:85: ff:dd:92:93:37:00:aa:92:ba:9d:5b:30:8d:3b:a9:cd:95:6f: 22:cf:e4:73:24:bb:3f:fe:36:76:1e:53:34:c8:dc:4d:bc:66: 3f:21:fd:07 -----BEGIN CERTIFICATE----- MIIE1zCCA7+gAwIBAgICHLEwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQjA4 QjkxOEQyRDQ1QjYzNzFBQ0I5NzcwNzQzNTUzRDFCRjIyNDcwODAeFw0yNTAxMDIx MzU4MjBaFw0yNTA5MjcwMjQwMTRaMDMxMTAvBgNVBAMTKDQxMEUzM0I0NERDMzVG NDE1MjBBREVDRTQyODQ4NkExOUVDMTVEQkYwggEiMA0GCSqGSIb3DQEBAQUAA4IB DwAwggEKAoIBAQDu1Or4hNP0d0kV/jpEvg3VLqBAMJ6x66h3Dup+9rwJ80XA9Iks bL91RE1dpoP0JDMSXdO7rnPZk912j+TlzMYapagJKtjgxnenRjC7YIHBbFYli2oX Oq+9H9zmNsxx51faJx405JxWM2VzHEx5K0yIrtVwVPeu1FdtYnoSU57nbz+roxhH 6CvthRiVNVV5qh6VOo/AAB9lSrxr45HLvjH/gOtf6cnkGvaYl/7kseRGAiRH8flB pFksPmkREf711E8h5YtVHdr60UDZU/nu7a+Kxm2xndlG7QX2D+DyqPP8+9bFgTP7 v7J3PECnaZuftBmeMMWPZyu4+uR3LzcQNS9pAgMBAAGjggHzMIIB7zAdBgNVHQ4E FgQUQQ4ztE3DX0FSCt7OQoSGoZ7BXb8wHwYDVR0jBBgwFoAUsIuRjS1Ftjcay5dw dDVT0b8iRwgwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMzA0 NC9zSXVSalMxRnRqY2F5NWR3ZERWVDBiOGlSd2cuY3JsMGMGCCsGAQUFBwEBBFcw VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF M0QwMDAwL3NJdVJqUzFGdGpjYXk1ZHdkRFZUMGI4aVJ3Zy5jZXIwDgYDVR0PAQH/ BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzMwNDQvUVE0enRFM0RYMEZT Q3Q3T1FvU0dvWjdCWGI4LnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw BgMEAWefjjANBgkqhkiG9w0BAQsFAAOCAQEAf9tGyISFE2fKsmR08ILj+So8fUQ4 JEtnVKC0DuQ3DRUNbXjS5QIGjB2XBnZ6cD0k6i0oBL/kogL3SOdsFTsVznlc/+mu ZkxXL/danboDc4u6kcJhecYP2B26p2gXkkv+WJDRXTO7h577E6D7Y2ymvdTbdzRy k/3AehY7CD6uM6qUWuWplvTfUHbf0CSipYxB2EY+o7UtOf9D7kgUUcRNd9G0+aze 5nHL5hqPzWLmgpEZz2ut/yc39XiHBSpuDV04QTrggAgHBYBSZtZDd1+wgthM8yEB p1SF/92SkzcAqpK6nVswjTupzZVvIs/kcyS7P/42dh5TNMjcTbxmPyH9Bw== -----END CERTIFICATE-----Generated at Sun Apr 6 02:23:43 2025 by rpki-client